Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/KPoxh0k354BS6yLqVnyf36sV9k8.roa
File: KPoxh0k354BS6yLqVnyf36sV9k8.roa (raw, json)
Hash identifier: oXRJH2NwZDQPfhDUPNEH39U2W2l+IOabqv8ij6W50es=
Subject key identifier: 28:FA:31:87:49:37:E7:80:52:EB:22:EA:56:7C:9F:DF:AB:15:F6:4F
Certificate issuer: /CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Certificate serial: 018CC56E4C7999A648592E5D95E39B24EA86
Authority key identifier: C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/KPoxh0k354BS6yLqVnyf36sV9k8.roa
Signing time: Mon 01 Jan 2024 14:29:49 +0000
ROA not before: Mon 01 Jan 2024 14:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 45.149.108.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:4c:79:99:a6:48:59:2e:5d:95:e3:9b:24:ea:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4add5ba7662b731dd08bcf8738f135d93aed451
Validity
Not Before: Jan 1 14:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=28fa31874937e78052eb22ea567c9fdfab15f64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:5b:c5:ec:f8:df:bc:25:58:e3:45:e8:9e:c8:
84:df:a0:84:62:8c:50:39:01:bd:01:38:99:13:ae:
2f:d9:b4:68:ed:cd:ad:34:a7:8b:fe:ae:e9:38:88:
49:8b:07:b0:09:c7:d4:91:49:4b:6c:33:86:80:18:
cf:79:da:b7:c8:1c:6e:7a:3b:ab:ff:ca:b4:f7:db:
fa:e1:43:09:47:ba:15:76:c7:de:06:a8:52:88:28:
7f:c2:8b:99:5c:29:8a:14:10:65:b7:e5:61:bb:90:
0f:3d:00:23:f8:a2:e3:b4:d3:74:28:29:ee:b6:0f:
15:fa:23:2b:4e:c2:2d:bf:e0:a8:74:00:b5:a1:87:
33:f0:d8:73:11:31:b6:95:51:02:96:12:7f:df:8c:
2f:92:c7:df:28:7a:c0:4b:8c:5c:5a:55:16:f0:92:
9c:21:5b:9f:d5:16:e3:ff:eb:c2:c1:ad:bf:38:23:
60:be:b0:be:2a:67:df:56:0b:81:f4:21:ee:56:fe:
b2:74:42:eb:0c:85:bc:7e:0e:7f:79:9f:6f:f8:d0:
8c:bb:e8:a4:e6:f4:d1:f3:b8:aa:4a:23:df:ff:69:
ba:6e:a0:fe:48:3a:6d:b8:a8:5a:9f:d8:a1:a8:07:
75:cb:f3:7e:5e:3f:96:3f:56:a5:03:0a:40:f7:d4:
96:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:FA:31:87:49:37:E7:80:52:EB:22:EA:56:7C:9F:DF:AB:15:F6:4F
X509v3 Authority Key Identifier:
keyid:C4:AD:D5:BA:76:62:B7:31:DD:08:BC:F8:73:8F:13:5D:93:AE:D4:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xK3VunZitzHdCLz4c48TXZOu1FE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/KPoxh0k354BS6yLqVnyf36sV9k8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/346a23-1181-4a80-9f55-dd7d47cf5c18/1/xK3VunZitzHdCLz4c48TXZOu1FE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.108.0/22
Signature Algorithm: sha256WithRSAEncryption
08:f8:63:62:e2:4f:f0:3f:19:da:90:65:1d:a1:0f:a4:e1:7e:
be:2e:7c:4c:9d:92:96:36:e8:80:55:f7:9f:87:c2:fd:96:e2:
25:24:7e:0d:99:1f:94:de:00:f4:45:23:fe:a8:e1:67:75:c0:
76:c4:42:d8:ae:55:91:3b:36:6b:6b:c9:0d:32:04:b8:1f:65:
ba:46:28:9d:be:14:92:53:40:cb:5d:67:7d:50:6d:1f:27:87:
42:df:2c:6d:48:95:c6:16:6d:f5:97:99:3e:bb:32:2a:52:90:
06:ff:c9:36:b0:29:2e:c2:5e:db:81:50:10:20:01:c9:2e:81:
b6:a3:e5:77:2b:6f:e8:c9:4e:5a:ac:f7:1a:fb:e7:ed:ec:7f:
f6:e1:69:c8:27:d3:23:c6:ab:d4:5e:75:b6:13:31:73:e1:06:
1e:54:3a:d8:9d:25:2e:b1:79:a1:0f:a3:34:90:8b:f8:fe:58:
d7:b3:75:15:37:65:f8:f9:e5:98:49:95:c0:22:28:e5:6a:1f:
b9:9b:84:24:b5:2d:e7:9d:e6:6a:31:c9:a4:4f:70:e6:02:4a:
08:af:04:5e:e9:fc:99:08:eb:76:42:5e:53:72:02:34:a9:51:
e1:73:8e:4d:ed:b1:c9:d0:85:39:41:67:c5:fa:e0:a7:4b:bf:
8d:8f:73:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbkx5maZIWS5dleObJOqGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YWRkNWJhNzY2MmI3MzFkZDA4YmNmODczOGYxMzVkOTNh
ZWQ0NTEwHhcNMjQwMTAxMTQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGZhMzE4NzQ5MzdlNzgwNTJlYjIyZWE1NjdjOWZkZmFiMTVmNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVvF7PjfvCVY40XonsiE36CEYoxQ
OQG9ATiZE64v2bRo7c2tNKeL/q7pOIhJiwewCcfUkUlLbDOGgBjPedq3yBxuejur
/8q099v64UMJR7oVdsfeBqhSiCh/wouZXCmKFBBlt+Vhu5APPQAj+KLjtNN0KCnu
tg8V+iMrTsItv+CodAC1oYcz8NhzETG2lVEClhJ/34wvksffKHrAS4xcWlUW8JKc
IVuf1Rbj/+vCwa2/OCNgvrC+KmffVguB9CHuVv6ydELrDIW8fg5/eZ9v+NCMu+ik
5vTR87iqSiPf/2m6bqD+SDptuKhan9ihqAd1y/N+Xj+WP1alAwpA99SWFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCj6MYdJN+eAUusi6lZ8n9+rFfZPMB8GA1UdIwQY
MBaAFMSt1bp2Yrcx3Qi8+HOPE12TrtRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEszVnVuWml0ekhkQ0x6NGM0OFRYWk91MUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8zNDZhMjMtMTE4MS00YTgwLTlmNTUt
ZGQ3ZDQ3Y2Y1YzE4LzEvS1BveGgwazM1NEJTNnlMcVZueWYzNnNWOWs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8zNDZhMjMtMTE4MS00YTgwLTlmNTUtZGQ3ZDQ3Y2Y1YzE4
LzEveEszVnVuWml0ekhkQ0x6NGM0OFRYWk91MUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLZVsMA0G
CSqGSIb3DQEBCwUAA4IBAQAI+GNi4k/wPxnakGUdoQ+k4X6+LnxMnZKWNuiAVfef
h8L9luIlJH4NmR+U3gD0RSP+qOFndcB2xELYrlWROzZra8kNMgS4H2W6RiidvhSS
U0DLXWd9UG0fJ4dC3yxtSJXGFm31l5k+uzIqUpAG/8k2sCkuwl7bgVAQIAHJLoG2
o+V3K2/oyU5arPca++ft7H/24WnIJ9MjxqvUXnW2EzFz4QYeVDrYnSUusXmhD6M0
kIv4/ljXs3UVN2X4+eWYSZXAIijlah+5m4QktS3nneZqMcmkT3DmAkoIrwRe6fyZ
COt2Ql5TcgI0qVHhc45N7bHJ0IU5QWfF+uCnS7+Nj3N9
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:12 2025 by rpki-client